Anatomy Of A 'Cyber-Physical' Attack

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/vulnerabilities---threats/anatomy-of-a-cyber-physical-attack-/d/d-id/1318624

By Kelly Jackson Higgins
Dark Reading
1/14/2015

S4 Conference 2015 — The real threat to a power or manufacturing plant 
isn't the latest vulnerability or malware variant.

"If you only consider hackers, you don’t have to be concerned that much. 
They won't be able to take down a power grid or blow up chemical 
facilities," says Ralph Langer, founder of Langner Communications and a 
top Stuxnet expert. The danger is when attackers have an understanding of 
the physical and engineering aspects of the plant or site they are 
targeting, he says.

"We have not seen a lot of cyber-physical attacks in the past to actually 
cause much damage. That requires skillsets that have nothing to do with 
hacking," says Langner.

Stuxnet, of course, was the first known example of a cyber-physical 
attack. Its mission was to derail the uranium enrichment process at Iran's 
Natanz nuclear facility by sabotaging the associated centrifuges.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/